Two ThinkPad X60 laptops modified to use Libreboot as their firmware
|Original author(s)||Leah Rowe|
|Developer(s)||The Libreboot project|
|Initial release||12 December 2013|
|Stable release||20160902 (September 2, 2016[±])|
|Platform||IA-32, x86-64, ARMv7|
Libreboot (formerly known as GNU Libreboot) is a free-software project aimed at replacing the proprietary BIOS firmware found in most computers with an open-source, lightweight system designed to perform only the minimum number of tasks necessary to load and run a modern 32-bit or 64-bit operating system.
Libreboot is established as a distribution of coreboot without proprietary binary blobs. Libreboot is not a straight fork of coreboot; instead, it is a parallel effort that works closely with and re-bases every so often on the latest coreboot as the upstream supplier, with patches merged upstream whenever possible. In addition to removing proprietary software, libreboot also attempts to make coreboot easy to use by automating the build and installation processes.
The Libreboot project made possible the required modifications for completely open source variants of some ThinkPad, Chromebook, and MacBook laptops as well as desktop and server and workstation motherboards. According to its own documentation, it can work with any Linux distribution that uses kernel mode setting (KMS) for the graphics, while Windows is not supported and its use is discouraged by Libreboot. Support for BSD is largely untested, with some successful reports while booting OpenBSD and NetBSD.
Libreboot was launched in 2013 to make an open-source version of coreboot (by removing "binary blobs" included in the coreboot source code). The project was founded by Leah Rowe. Since February 2015 the project has been endorsed by Free Software Foundation (FSF). The project became part of the GNU Project in May 2016.
In September 2016 the lead developer announced that the project would leave the GNU Project and in January 2017, Richard Stallman announced that Libreboot was released from the GNU project. The reason for the dispute was allegations from the lead maintainer that FSF had fired a transgender employee because the employee reported gender harassment. The FSF denied these allegations the same day. In April 2017, the Libreboot project removed the accusations from their website, the lead developer apologised for what happened and control of the website was transferred to another contributor. Three weeks later, a proposal to re-apply to become a GNU Project was published.
On May 1, 2017, Intel has confirmed and patched a remote elevation of privilege bug (CVE-2017-5689) in its Management Engine firmware, a bug long suspected by members of the Coreboot and Libreboot communities. Every Intel platform with either Intel Standard Manageability, Active Management Technology, or Small Business Technology, from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the IME (Intel Management Engine). Another security risk alleged to be inside the IME is the Intel vPro cellular radio, through which hardware components can be accessed remotely, or the computer can even be killed, however there is no evidence such capability exists within the chip itself (vPro is designed to use external radio devices for the services that have provoked this rumour).
- Server boards: Asus KFSN4-DRE and Asus KGPE-D16
- Desktop boards: Asus KCMA-D8, Intel D510MO, Gigabyte GA-G41M-ES2L, and Apple iMac 5,2
- Laptops: Asus Chromebook C201, Lenovo ThinkPad X60, X60s and X60 Tablet, Lenovo ThinkPad T60 (models with ATI GPUs cannot be used due to proprietary vBIOS), Lenovo ThinkPad X200, X200s (some exceptions) and X200 Tablet, Lenovo ThinkPad R400, Lenovo ThinkPad T400 and T400s, Lenovo ThinkPad T500, Apple MacBook 1.1, and Apple MacBook 2.1
- "Libreboot release information". Libreboot. Retrieved 2 September 2016.
- "Coreboot ARM". coreboot. 15 October 2013. Retrieved 1 February 2014.
- "libreboot's COPYING file". notabug.org. Retrieved 16 September 2016.
- "GNU Libreboot". Retrieved 24 May 2016.
- "Libreboot". Free Software Foundation. Retrieved 31 July 2014.
- "Libreboot". Libreboot. Retrieved 31 July 2014.
- "About the libreboot project". Libreboot. Retrieved 25 April 2015.
- Gay, Joshua (4 August 2014). "Replace your proprietary BIOS with Libreboot". Free Software Foundation. Archived from the original on 16 June 2016.
- Gay, Joshua (9 October 2012). "Respects Your Freedom hardware product certification". Free Software Foundation. Retrieved 25 February 2015.
- "Hardware compatibility list". Libreboot. Retrieved 19 May 2016.
- "Answers to Frequently Asked Questions about libreboot". Libreboot.org.
- "Libreboot project contributors". libreboot.org. Archived from the original on 4 April 2017. Retrieved 14 May 2016.
- "Campaign for Free BIOS". 15 February 2015. Archived from the original on 15 February 2015.
- Larabel, Michael (19 May 2016). "Libreboot, Coreboot Downstream, Becomes A GNU Project". Phoronix. Archived from the original on 29 June 2018. Retrieved 19 May 2016.
- Stallman, Richard (5 January 2017). "Goodbye to GNU Libreboot". Archived from the original on 21 April 2018. Retrieved 5 January 2017.
- Zammit, Damien (18 September 2016). "Libreboot Screwup". zammit.org. Archived from the original on 29 June 2018. Retrieved 31 October 2016.
[the contributors] are not consulted about any of the views expressed on the libreboot.org website when they are hastily published by Leah Rowe.
- "Libreboot opposes the Free Software Foundation and GNU project". Libreboot. Archived from the original on 8 December 2016. Retrieved 22 September 2016.
- Sullivan, John (16 September 2016). "Free Software Foundation statement on 2016-09-16". Free Software Foundation. Archived from the original on 29 June 2018. Retrieved 24 September 2016.
- Rosenzweig, Alyssa; Rowe, Leah (2 April 2017). "Open Letter to the Free Software Community". Retrieved 24 April 2017.
- Larabel, Michael (22 April 2017). "Libreboot Is Now Considering Whether To RE-Join The GNU". Phoronix. Archived from the original on 1 December 2017. Retrieved 24 April 2017.
- Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege -Intel Security Center
- Schestowitz, Roy (20 June 2014). "'Active Management Technology' is Quite Likely a Back Door, Along With Intel's UEFI". Techrights. Archived from the original on 30 June 2018.
- "Why is the latest Intel hardware unsupported in libreboot?". Libreboot. Retrieved 2 May 2017.
- Demerjian, Charlie (1 May 2017). "Remote security exploit in all 2008+ Intel platforms". SemiAccurate. Archived from the original on 3 February 2019.
- Williams, Chris (1 May 2017). "Red alert! Intel patches remote execution hole that's been hidden in chips since 2010". The Register. Archived from the original on 25 January 2019.
- Intel vPro 3G Digital signage
- Chirgwin, Richard (23 September 2013). "'Occupy' affiliate claims Intel bakes SECRET 3G radio into vPro CPUs". The Register. Archived from the original on 20 April 2018.
- Larabel, Michael (28 June 2015). "Libreboot Now Supports An AMD/ASUS Motherboard". Phoronix. Archived from the original on 29 June 2018. Retrieved 14 July 2015.
- Linder, Brad (12 August 2015). "Libreboot ported to Asus Chromebook C201 (free software bootloader)". Liliputing. Archived from the original on 13 August 2015. Retrieved 15 October 2015.